Windows 7 - A New Wireless Risk to the Enterprise

  • 2,097 views
Uploaded on

Windows 7 soft ap is a new wireless risk to the enterprise. This presentation demonstrates how windows 7 can be converted to a soft ap(hotspot) and become a thread to your organization.

Windows 7 soft ap is a new wireless risk to the enterprise. This presentation demonstrates how windows 7 can be converted to a soft ap(hotspot) and become a thread to your organization.

More in: Technology , Business
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
2,097
On Slideshare
0
From Embeds
0
Number of Embeds
0

Actions

Shares
Downloads
0
Comments
0
Likes
1

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide
  • This is been an ongoing trend for past few years and will continue for several years to come… Happening rapidly for Wireless-enabled devices: laptops, Netbooks, Smartphones, Gaming equipment, etc. Corporate security threat as these devices are brought into the enterprise End-user perspective: If I can use this at home why can’t I use this at work? Same issue as Social networking, etc.
  • The question then is are you ready for this challenge? Do you have wireless usage and security policies and do you have a mechanism to enforce it?
  • Laptop can be configured to simultaneously connect to a Wi-Fi network as well as serve other devices as an Access Point (known as Software-enabled AP)
  • Isn’t this a great feature! A personal hotspot! Setup a Personal Area Network using Wi-Fi connectivity Connect Smartphones, Zune, and other devices to your laptop to synch music & video, share photos, transfer files, print, and share the Internet connection.
  • Isn’t this a great feature! A personal hotspot! Setup a Personal Area Network using Wi-Fi connectivity Connect Smartphones, Zune, and other devices to your laptop to synch music & video, share photos, transfer files, print, and share the Internet connection.
  • Our findings
  • 02/25/10
  • 02/25/10

Transcript

  • 1. Sri Sundaralingam, VP, Product Management Dr. Kaustubh Phanse, Senior Wireless Architect A New Wireless Risk to the Enterprise Windows 7
  • 2. Consumerization of IT (especially wireless/mobile) is posing a challenge for enterprise security
  • 3.  
  • 4. Evolution of Wi-Fi support on end-user devices Traditional Wi-Fi Operate as client/ad-hoc First Gen “Soft AP” Convert laptop into AP But, single function: Can operate either as AP OR client/ad-hoc Windows 7 Virtual WiFi – The Next Gen Soft AP Can operate as Soft AP and Client/Ad-hoc simultaneously
  • 5. Setting up a Windows 7 Soft AP is simple!
  • 6. Download free utility from http://connectify.me/
  • 7. Choose SSID, WPA2-PSK Password, Interface Click !
  • 8. Voilà ! We have a hotspot!
  • 9. You can do the same using Intel’s My WiFi utility
  • 10. Windows 7 Soft AP: A User’s Delight
  • 11. Windows 7 Soft AP: Security? ?
  • 12. Typical Rogue AP scenario
  • 13. Windows 7 Rogue AP scenario
  • 14. Security administrator has no visibility and no control over allowing or denying access to devices connecting through ‘Virtual WiFi’ Policy Enforcement Challenge
  • 15. Wired security measures are ineffective!
  • 16. What can you do about it?
  • 17.
    • Shutdown user privileges for running Virtual WiFi
    • - Use Windows Active Directory group policy
    • - Supported on Windows 2008 server R2
    • Not always practical
    • Lacks flexibility
    Windows User Group Policy
  • 18.
    • Centrally enforce wireless policies
    • Enable flexibility
    Wireless Security Endpoint Agent
  • 19. Permit legitimate devices, deny access to others Wireless Intrusion Prevention System (WIPS) Wire-side scanning cannot detect presence of Virtual WiFi Soft APs  Wired and Wireless correlation is necessary to detect and block Virtual WiFi Soft APs 
  • 20. SpectraGuard Enterprise WIPS
  • 21. 1-click drill down
  • 22. Accurate location tracking
  • 23.  
  • 24.  
  • 25.  
  • 26.  
  • 27. Prevention turned ON
  • 28.  
  • 29.
    • Windows 7 Virtual WiFi allows simultaneous operation as client and as Soft AP
    • - Very easy to set up, e.g., Connectify, Intel My WiFi
    • This new type of Rogue AP can now be connected to your enterprise network also through WiFi
    • Presence of Soft AP cannot be detected using wire-side scanning alone
    • Can be detected only using a WIPS that correlates wired and wireless traffic
    Our findings
  • 30.
    • Automates wireless threat remediation
    • Minimizes false alarms
    • Provides “always on” protection
    • Protects both current and legacy WLANs
    • Integrates with any WLAN environment
    • Simplifies compliance
    • Ideal solution for both secure WiFi and no-WiFi environments
    AirTight’s Key Value Propositions
  • 31. SpectraGuard Product Family WLAN Coverage & Security Planning SpectraGuard Planner SpectraGuard SAFE Wireless Security for Mobile Users SpectraGuard Online Industry’s Only Wireless Security Service SpectraGuard Enterprise Complete Wireless Intrusion Prevention
  • 32. Thank You! The Global Leader in Wireless Security and Compliance For more information on wireless security risks, best practices, and solutions, visit: www.airtightnetworks.com For up-to-date information on developments in wireless security, visit blog.airtightnetworks.com